The Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled allowing a local attacker to execute arbitrary code on the system or cause a system crash. CVE(s): CVE-2016-5985 Affected product(s) and affected version(s): The following levels of IBM Tivoli Storage Manager (IBM Spectrum Protect) Client ...read more

There is a potential security vulnerability in IBM WebSphere Application Server, that is used by IBM Tivoli Netcool Configuration Manager (ITNCM). This involves the use of the custom authentication that sets the cookies: WASPostParam and WASReqURL, when the LtpaToken2 session cookie is invalid. The data contained in these cookies is used when the user will ...read more

IBM Storwize V7000 Unified is shipped with Samba, for which a fix is available for security vulnerabilities. CVE(s): CVE-2016-2119 Affected product(s) and affected version(s): IBM Storwize V7000 Unified The product is affected when running code releases 1.5.0.0 to 1.6.1.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ssg1S1009567X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114797 ...read more

IBM Security Virtual Server Protection for VMware is affected by multiple vulnerabilities found in OpenSSL, OpenVPN and GNU glibc. OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Virtual Server Protection for VMware. IBM Security Virtual Server Protection for VMware has addressed the applicable ...read more